Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/87688f-538a-4c25-b5da-ded5addbe5cf/1/QVjQbiyovdR6PNrKalU85XC2O5c.roa
File:                     QVjQbiyovdR6PNrKalU85XC2O5c.roa (raw, json)
Hash identifier:          8l6H7Iysm0YAT7uqRdgPFSwu7dn6UMAIhXnKW3azVFs=
Subject key identifier:   41:58:D0:6E:2C:A8:BD:D4:7A:3C:DA:CA:6A:55:3C:E5:70:B6:3B:97
Certificate issuer:       /CN=5a97979db726fe3e693db92d4fa18fd741be7699
Certificate serial:       018FA1A7D9427A3FF6B0E86364616786A177
Authority key identifier: 5A:97:97:9D:B7:26:FE:3E:69:3D:B9:2D:4F:A1:8F:D7:41:BE:76:99
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WpeXnbcm_j5pPbktT6GP10G-dpk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/87688f-538a-4c25-b5da-ded5addbe5cf/1/QVjQbiyovdR6PNrKalU85XC2O5c.roa
Signing time:             Wed 22 May 2024 18:54:42 +0000
ROA not before:           Wed 22 May 2024 18:54:42 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215008
IP address blocks:        62.106.85.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 28 May 2024 14:42:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:a1:a7:d9:42:7a:3f:f6:b0:e8:63:64:61:67:86:a1:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5a97979db726fe3e693db92d4fa18fd741be7699
        Validity
            Not Before: May 22 18:54:42 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4158d06e2ca8bdd47a3cdaca6a553ce570b63b97
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:9e:7c:51:5e:2c:bf:7f:3b:ae:5f:d1:d5:6d:
                    76:9f:ec:cf:27:a4:e7:4a:04:2f:e3:1d:8a:db:4a:
                    e5:27:2d:0d:40:4a:66:b8:02:04:7a:4f:fd:c3:6c:
                    58:d8:81:d9:df:0b:93:f2:0c:0a:75:17:d7:98:ec:
                    45:3e:da:2c:ac:59:57:77:ab:de:1f:71:d2:0e:fe:
                    fc:fe:25:da:8a:3d:24:2a:0a:00:dc:83:b8:ca:b3:
                    c3:24:48:62:2d:e7:0d:70:3b:dc:75:36:4c:a8:d2:
                    59:92:09:f9:36:a5:03:43:ad:e9:38:4f:59:6e:d2:
                    09:77:bc:dc:e3:db:5b:63:dd:29:dd:28:4c:fa:4d:
                    a2:7c:0b:f3:2a:fc:c3:d6:44:81:da:81:d1:68:74:
                    52:29:2d:90:64:2e:88:e2:e6:40:bf:4e:47:9a:43:
                    33:e1:7c:3c:fc:3e:38:bb:b8:68:61:cd:1e:3e:c2:
                    08:93:2c:24:55:17:31:db:4f:d0:50:6a:ad:92:ed:
                    85:05:be:b6:b8:85:ba:07:e9:0c:3c:bc:92:49:32:
                    fd:ba:58:a2:82:4d:bf:4d:9a:8a:e6:24:48:78:07:
                    fc:a9:77:d9:87:22:f2:0a:c8:1d:48:b3:43:73:47:
                    ab:81:4e:64:f5:71:e6:42:56:fd:6d:e1:91:94:b2:
                    4d:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:58:D0:6E:2C:A8:BD:D4:7A:3C:DA:CA:6A:55:3C:E5:70:B6:3B:97
            X509v3 Authority Key Identifier:
                keyid:5A:97:97:9D:B7:26:FE:3E:69:3D:B9:2D:4F:A1:8F:D7:41:BE:76:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WpeXnbcm_j5pPbktT6GP10G-dpk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/87688f-538a-4c25-b5da-ded5addbe5cf/1/QVjQbiyovdR6PNrKalU85XC2O5c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/87688f-538a-4c25-b5da-ded5addbe5cf/1/WpeXnbcm_j5pPbktT6GP10G-dpk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.106.85.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2b:10:b7:d5:56:2b:84:08:6c:b8:27:86:c4:64:10:7b:a9:25:
         0a:93:03:53:c3:e3:77:5b:09:36:c1:9c:8d:d2:4b:22:8a:a5:
         d6:e8:f1:02:6f:9c:68:cb:7c:68:32:44:bf:7b:90:aa:a3:42:
         4c:44:77:49:77:8b:b3:7d:d5:63:00:52:8e:eb:67:e9:18:b7:
         08:01:98:03:f6:23:91:c3:86:de:3d:2a:86:11:f7:c7:76:55:
         a9:2a:01:80:81:76:cc:3c:ae:6c:cc:07:e4:94:10:86:f5:76:
         d6:47:fd:19:03:aa:d7:1d:32:6c:87:d2:fd:fe:68:c1:99:b0:
         83:71:9d:25:f3:24:bd:d4:cf:a6:33:4e:99:3a:91:82:1e:6a:
         54:bc:da:b4:c6:5a:74:0c:59:d7:04:8e:5a:5e:de:0d:bc:e1:
         4c:4b:b8:8c:93:46:67:a8:3b:1e:e6:85:8f:27:0e:f5:fe:db:
         75:13:37:86:29:3a:78:79:f4:0e:09:e6:ce:5f:12:e4:9a:3b:
         5d:44:78:e3:aa:83:0d:ee:db:3a:e6:44:c8:0d:63:14:0f:2a:
         f0:5c:36:7b:d4:d5:51:04:10:3a:81:75:0e:83:3f:65:53:6d:
         70:91:6c:ee:65:58:54:41:1e:38:b2:e1:df:71:f5:68:eb:58:
         ef:23:44:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+hp9lCej/2sOhjZGFnhqF3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhOTc5NzlkYjcyNmZlM2U2OTNkYjkyZDRmYTE4ZmQ3NDFi
ZTc2OTkwHhcNMjQwNTIyMTg1NDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTU4ZDA2ZTJjYThiZGQ0N2EzY2RhY2E2YTU1M2NlNTcwYjYzYjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJ58UV4sv387rl/R1W12n+zPJ6Tn
SgQv4x2K20rlJy0NQEpmuAIEek/9w2xY2IHZ3wuT8gwKdRfXmOxFPtosrFlXd6ve
H3HSDv78/iXaij0kKgoA3IO4yrPDJEhiLecNcDvcdTZMqNJZkgn5NqUDQ63pOE9Z
btIJd7zc49tbY90p3ShM+k2ifAvzKvzD1kSB2oHRaHRSKS2QZC6I4uZAv05HmkMz
4Xw8/D44u7hoYc0ePsIIkywkVRcx20/QUGqtku2FBb62uIW6B+kMPLySSTL9ulii
gk2/TZqK5iRIeAf8qXfZhyLyCsgdSLNDc0ergU5k9XHmQlb9beGRlLJN3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEFY0G4sqL3UejzaympVPOVwtjuXMB8GA1UdIwQY
MBaAFFqXl523Jv4+aT25LU+hj9dBvnaZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3BlWG5iY21fajVwUGJrdFQ2R1AxMEctZHBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi84NzY4OGYtNTM4YS00YzI1LWI1ZGEt
ZGVkNWFkZGJlNWNmLzEvUVZqUWJpeW92ZFI2UE5yS2FsVTg1WEMyTzVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi84NzY4OGYtNTM4YS00YzI1LWI1ZGEtZGVkNWFkZGJlNWNm
LzEvV3BlWG5iY21fajVwUGJrdFQ2R1AxMEctZHBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPmpVMA0G
CSqGSIb3DQEBCwUAA4IBAQArELfVViuECGy4J4bEZBB7qSUKkwNTw+N3Wwk2wZyN
0ksiiqXW6PECb5xoy3xoMkS/e5Cqo0JMRHdJd4uzfdVjAFKO62fpGLcIAZgD9iOR
w4bePSqGEffHdlWpKgGAgXbMPK5szAfklBCG9XbWR/0ZA6rXHTJsh9L9/mjBmbCD
cZ0l8yS91M+mM06ZOpGCHmpUvNq0xlp0DFnXBI5aXt4NvOFMS7iMk0ZnqDse5oWP
Jw71/tt1EzeGKTp4efQOCebOXxLkmjtdRHjjqoMN7ts65kTIDWMUDyrwXDZ71NVR
BBA6gXUOgz9lU21wkWzuZVhUQR44suHfcfVo61jvI0TL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:37 2024 by rpki-client on console-fra.rpki-client.org